Test ID:	1.3.6.1.4.1.25623.1.0.58427
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1320-1)
Summary:	The remote host is missing an update for the Debian 'clamav' package(s) announced via the DSA-1320-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'clamav' package(s) announced via the DSA-1320-1 advisory. Vulnerability Insight: Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-2650 It was discovered that the OLE2 parser can be tricked into an infinite loop and memory exhaustion. CVE-2007-3023 It was discovered that the NsPack decompression code performed insufficient sanitising on an internal length variable, resulting in a potential buffer overflow. CVE-2007-3024 It was discovered that temporary files were created with insecure permissions, resulting in information disclosure. CVE-2007-3122 It was discovered that the decompression code for RAR archives allows bypassing a scan of a RAR archive due to insufficient validity checks. CVE-2007-3123 It was discovered that the decompression code for RAR archives performs insufficient validation of header values, resulting in a buffer overflow. For the oldstable distribution (sarge) these problems have been fixed in version 0.84-2.sarge.17. Please note that the fix for CVE-2007-3024 hasn't been backported to oldstable. For the stable distribution (etch) these problems have been fixed in version 0.90.1-3etch1. For the unstable distribution (sid) these problems have been fixed in version 0.90.2-1. We recommend that you upgrade your clamav packages. An updated package for oldstable/powerpc is not yet available. It will be provided later. Affected Software/OS: 'clamav' package(s) on Debian 3.1, Debian 4. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2650 BugTraq ID: 24316 http://www.securityfocus.com/bid/24316 Debian Security Information: DSA-1320 (Google Search) http://www.debian.org/security/2007/dsa-1320 http://security.gentoo.org/glsa/glsa-200706-05.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:115 http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853 http://lurker.clamav.net/message/20070418.111144.0df6c5d3.en.html http://secunia.com/advisories/25244 http://secunia.com/advisories/25523 http://secunia.com/advisories/25525 http://secunia.com/advisories/25553 http://secunia.com/advisories/25558 http://secunia.com/advisories/25688 http://secunia.com/advisories/25796 SuSE Security Announcement: SUSE-SA:2007:033 (Google Search) http://www.novell.com/linux/security/advisories/2007_33_clamav.html http://www.trustix.org/errata/2007/0020/ http://www.vupen.com/english/advisories/2007/1776 Common Vulnerability Exposure (CVE) ID: CVE-2007-3023 BugTraq ID: 24358 http://www.securityfocus.com/bid/24358 http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html http://osvdb.org/36908 Common Vulnerability Exposure (CVE) ID: CVE-2007-3024 Common Vulnerability Exposure (CVE) ID: CVE-2007-3122 http://osvdb.org/45392 XForce ISS Database: clamav-rar-security-bypass(34823) https://exchange.xforce.ibmcloud.com/vulnerabilities/34823 Common Vulnerability Exposure (CVE) ID: CVE-2007-3123 BugTraq ID: 24289 http://www.securityfocus.com/bid/24289 http://osvdb.org/35522 XForce ISS Database: clamav-rar-dos(34778) https://exchange.xforce.ibmcloud.com/vulnerabilities/34778
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.